#! /bin/bash

set -euE

# Create a user "sftp" and make it the owner of /opt/share directory
$ROOTCMD bash -c '
    adduser sftp --gecos "" --disabled-password
    passwd -d sftp
    mkdir -p /opt/share
    chown sftp:sftp /opt/share
'

# Configure the openssh server to use the internal sftp server
cat <<'EOF' > $target/etc/ssh/sshd_config.d/sftp.conf
Match User sftp
ChrootDirectory /opt
PasswordAuthentication yes
PermitEmptyPasswords yes
AllowTcpForwarding no
X11Forwarding no
ForceCommand internal-sftp -d share
Match all
EOF
